Fix: Pass token_info dict instead of token string to get_user_roles

Author: Deepthi-Chand

api/utils/keycloak_utils.py

@@ -122,22 +122,19 @@ def get_user_roles(self, token_info: dict) -> list[str]:
 
         return roles
 
-    def get_user_organizations(self, token: str) -> List[Dict[str, Any]]:
+    def get_user_organizations(self, token_info: dict) -> List[Dict[str, Any]]:
         """
-        Get the organizations a user belongs to from their token.
+        Get the organizations a user belongs to from their token info.
         This assumes that organization information is stored in the token
         as client roles or in user attributes.
 
         Args:
-            token: The user's token
+            token_info: The decoded token information
 
         Returns:
             List of organization information
         """
         try:
-            # Decode the token to get user info
-            token_info = self.keycloak_openid.decode_token(token)
-
             # Get organization info from resource_access or attributes
             # This implementation depends on how organizations are represented in Keycloak
             # This is a simplified example - adjust based on your Keycloak configuration

api/views/auth.py

@@ -32,9 +32,12 @@ def post(self, request: Request) -> Response:
                 status=status.HTTP_401_UNAUTHORIZED,
             )
 
+        # Get token introspection data for roles and organizations
+        token_info = keycloak_manager.keycloak_openid.introspect(keycloak_token)
+
         # Get user roles and organizations from the token
-        roles = keycloak_manager.get_user_roles(keycloak_token)
-        organizations = keycloak_manager.get_user_organizations(keycloak_token)
+        roles = keycloak_manager.get_user_roles(token_info)
+        organizations = keycloak_manager.get_user_organizations(token_info)
 
         # Sync the user information with our database
         user = keycloak_manager.sync_user_from_keycloak(user_info, roles, organizations)